Various protocols that commonly appear on networks have features that make them of special interest in security monitoring. For example, Syslog and Network Time Protocol (NTP) are essential to the work…
Understanding Access Control List In Cybersecurity
Many technologies and protocols can have impacts on security monitoring. Access Control Lists (ACLs) are among these technologies. ACLs can give a false sense of security if they are overly relied…
Network Logs In Cybersecurity: Facts To Note
The tcpdump command-line tool is a very popular packet analyzer. It can display packet captures in real-time or write packet captures to a file. It captures detailed packet protocol and content data…
Use Of Security Onion As A Source Of Alerts
Security Onion is an open-source suite of Network Security Monitoring (NSM) tools that run on an Ubuntu Linux distribution. Security Onion tools…
The Need For Alert Evaluation In Cybersecurity
The threat landscape is constantly changing as new vulnerabilities are discovered and new threats evolve. As user and organizational needs change, so too does the attack surface. Threat actors have learned…
Using Sguil In Investigating Network Data
The primary duty of a cybersecurity analyst is the verification of security alerts. Depending on the organization, the tools used to do this will vary. For example, a ticketing system may…
Digital Forensics In Cybersecurity: Facts To Note
Now that you have investigated and identified valid alerts, what do you do with the evidence? The cybersecurity analyst will inevitably uncover evidence of criminal activity. In order to protect…
Cyber Kill Chain In Cybersecurity: Facts To Know
The Cyber Kill Chain was developed by Lockheed Martin to identify and prevent cyber intrusions. There are seven steps to the Cyber Kill Chain. Focusing on these steps helps analysts understand…
Understanding Diamond Model Of Intrusion Analysis
The Diamond Model of Intrusion Analysis is made up of four parts, as shown in the figure. The model represents a security incident or event. In the Diamond Model, an event…
How To Establish Incident Response Capability
Incident Response involves the methods, policies, and procedures that are used by an organization to respond to a cyber attack. The aims of incident response are to limit the impact of…
8 Expert Tips To Clear CEH Exam In First Attempt
With the COVID-19 pandemic ravaging the country, more and more businesses have had to shift online. While many businesses struggle to get their feet off the ground in the online…
The Ultimate Online Privacy Guide for Journalists
As a journalist in 2021, the dangers you face are ever-increasing. Without the proper protection from online threats, you risk hackers stealing confidential information, exposing your sources, breaking anonymity, and getting…